Threat Hunting

Attacks are inevitable, especially now that hackers use automated tools to find vulnerable or potentially vulnerable targets. Any resource that is accessible from the Internet will be attacked, usually within hours.

Besides putting up defences such as a firewall and WAF, the fundamental action we can take is to reduce the attack surface: that is, to reduce and eliminate unnecessary access. At Simply Data, we have SSLVPN open for work-from-home employees. We also have IPSec VPN open to establish connections from the customer's premises to our datacenter. There were some attack attempts on our exposed IPSec VPN interface (which, by the way, we have closed and tightened). This was discovered through a proactive threat hunting exercise by our security monitoring team.

In a closed-loop system, every threat hunting exercise needs to lead to an improvement in security posture, so that security keeps improving indefinitely. Organizations often focus on chasing shiny new technology but forget about continuous improvement. Because of this, security solutions are always underutilized. Many other factors contribute to this issue, such as lack of manpower. Therefore, a managed security service provider plays an important role in solving this issue, and Simply Data is here to help.

Dive in with us and take a look at our threat hunting activity in a real-case scenario: the attack attempts on our datacenter.

View our 5-minute demo session here: